Nmap Development mailing list archives
Re: [RFC] Default NSE Scripts
From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Sun, 11 May 2008 00:06:13 +0530
On 5/10/08, Fyodor <fyodor () insecure org> wrote:
> On Sat, May 10, 2008 at 04:43:15AM +0000, Brandon Enright wrote:
> > Who knows if any of this crap would actually hold up in court. I really don't think any scripts in the default category though should also fall into the "askalawyer" category. A user of Nmap takes responsibility for their actions into their own hands. Let's not have the proverbial gun pointing at their foot by default though, let's make them aim it there on their own.
>
> I see your point, but I think that many/most scripts have the potential to annoy the sorts of people who would put out a public FTP server with anonymous access enabled, and then complain when people log in. Also, these scripts won't run with a default scan like "nmap <target>". Only if you specify scripting with an option such as -sC or -A. And anonFTP has run by default (if you ask for scripting) since it was added in 2006 and I haven't heard any complaints about it being default. So this isn't a change in behavior.
This topic had crossed my mind when I was making the lists. I, too, figured that since anonFTP has always been running by default that it was OK to be on the new list. But thank you, Brandon, for bringing up the FTP banners because I hadn't considered them.
> Maybe what we need to do is document better that -sC/-A are particularly intrusive and really shouldn't be run without permission of the target network. While I don't think I'd want exploits running by default with -sC, I'd like to have vulnerability checks included so that Nmap can tell you if it sees a gaping hole. And many admins don't like folks vuln-checking their servers without permission.
I like the idea of basic checks being performed, and I also agree that the docs should probably be updated. I can work on this along with the other docs I'm updating for the new category.
> Cheers,
> -F

Thanks,
Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org